Curriculum Vitae Privacy Policy

PERSONAL DATA PROCESSING POLICY

This Policy is provided, pursuant to Article 13 of Regulation (EU) 2016/679 (General Data Protection Regulation or GDPR), to users who interact with the KRITEK, s.r.o. website, accessible electronically at the following URL (the website homepage): https://kritek.eu .

This Policy describes how data is collected and managed in relation to the compilation of a data collection form used for personnel recruitment on the Company’s only official website.

Additional information may be provided within the different access channels, organised on the basis of the subject matter covered. Other information may be provided on the website in relation to specific services.

Data Controller: KRITEK, s.r.o.

Čejkovy 23, 342 01 Hrádek - CZECH REPUBLIC
Contacts: https://kritek.eu/contacts

Purpose of the data processing

Legal basis of the
data processing

Data retention
period

Data collection for personnel recruitment;
Recruitment of personnel, execution of any contractual relationship, conducting training courses and internships;
Formalisation of an application, for the purposes of any ongoing or future campaigns.
Performance of the contract to which the Data Subject is party;
Legitimate interest for recruiting purposes;
Consent of the Data Subject.

The collected data shall be retained for two years.

Once the data retention timeframes indicated above have expired, the data shall be destroyed, deleted or anonymised, consistent with the applicable technical deletion and backup procedures.

Types of data processed and data collection methods

Data provided voluntarily by the user

The voluntary and explicit submission of a Curriculum Vitae via the contact details provided across the different access channels available on this website involves the subsequent acquisition of the same, together with the sender/user’s personal data, needed to handle the request. The processing of said data shall be based on the principles of fairness, lawfulness, transparency and protection of confidentiality, as set out in the GDPR.

Provision of data

The provision of personal data by the Data Subject, for the purposes described in the previous paragraph, is considered mandatory. Failure to provide such data may result in it being impossible to formalise the Data Subject’s self-candidacy. In the absence of said data, the Data Controller shall not be able to accept your application.

Data processing methods

Personal data shall be processed using automated tools, for the time strictly necessary to achieve the purposes for which such data was collected, in compliance with the principles of lawfulness, purpose limitation and data minimisation, pursuant to Article 5 of the GDPR and in compliance with the mandatory timeframes prescribed by law. Specific security measures are observed in order to prevent data loss, unlawful or improper use, and unauthorised access to the data.

Communication and/or dissemination of data

Your data, subject to processing, shall not be disclosed but may be communicated to companies contractually linked to the company, in accordance with, and within the limits of, the GDPR. The personal data collected is stored on servers located within the European Union. It is, in any case, understood that the Data Controller, where necessary, shall have the right to move its servers outside the EU. In this case, the Data Controller shall ensure that the transfer of data outside the EU takes place in accordance with the applicable legal provisions, subject to the stipulation of standard contractual clauses provided for by the European Commission. Moreover, the Data Subject shall be informed in this regard.

The data may be disclosed to third parties belonging to the following categories:

  • subjects that provide services intended for the management of information systems used by the Company and of its telecommunications networks;
  • firms or companies providing support or consultancy services;

  • competent authorities to fulfil legal obligations and/or provisions from public bodies, on request.

The subjects belonging to the aforementioned categories perform the function of Data Processors or operate in full autonomy as separate and distinct Data Controllers.

The list of Data Processors shall be updated on an ongoing basis and is available upon request from the Company’s offices. Any further communication or dissemination of the data shall take place only with your explicit consent.

Any automated decision-making processes

The Data Controller hereby informs the Data Subject that this website does not use any automated decision-making processes and, in particular, there is no profiling system in place.

Minors

This website and the Services offered herein are not intended for minors under 16 years of age and the Data Controller does not intentionally collect personal information relating to minors. In the event that information referring to minors be unintentionally collected and stored, the Data Controller shall proceed to promptly delete the data at the users’ request.

Rights of the Data Subject

The Data Subjects are entitled to receive information from the Company regarding the processing of their personal data by contacting

  • Right to access: we are transparent regarding the data we collect and the use we make of such data. You can contact us at any time by sending an email to access the personal data concerning you we have in our possession.

  • Right to rectification: you have the right to have any inaccurate or incomplete personal data concerning you to be rectified and to request that any data be updated and/or modified.

  • Right to deletion: if you send a request for all data concerning you to be deleted, we shall process your request within a period of 30 days.

  • Right to restrict data processing: you have the right to request that the Data Controller limit the processing of your data.

  • Right to portability: subject to your request, we shall export your data so that they can be transferred to third parties in a structured and commonly used format that can be read by an automatic device.

  • Right to object: you can unsubscribe, at any time, from all the specific ways we use your personal data (newsletters, automatic emails, etc.).